CWE-822: Untrusted Pointer Dereference
194 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-822 (page 3 of 4)
- CVE-2024-40872 | HIGH | CVSS 8.4 | EG 8.4 | 2024-07-25
There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level b…
- CVE-2024-43516 | HIGH | CVSS 7.8 | EG 7.8 | 2024-10-08
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
- CVE-2024-43529 | HIGH | CVSS 7.3 | EG 7.3 | 2024-10-08
Windows Print Spooler Elevation of Privilege Vulnerability
- CVE-2024-43553 | HIGH | CVSS 7.4 | EG 7.4 | 2024-10-08
NT OS Kernel Elevation of Privilege Vulnerability
- CVE-2024-43624 | HIGH | CVSS 8.8 | EG 8.8 | 2024-11-12
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
- CVE-2024-43629 | HIGH | CVSS 7.8 | EG 7.8 | 2024-11-12
Windows DWM Core Library Elevation of Privilege Vulnerability
- CVE-2024-43631 | MEDIUM | CVSS 6.7 | EG 6.7 | 2024-11-12
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
- CVE-2024-43636 | HIGH | CVSS 7.8 | EG 7.8 | 2024-11-12
Win32k Elevation of Privilege Vulnerability
- CVE-2024-43646 | MEDIUM | CVSS 6.7 | EG 6.7 | 2024-11-12
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
- CVE-2024-45584 | HIGH | CVSS 7.8 | EG 7.8 | 2025-02-03
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
- CVE-2024-49090 | HIGH | CVSS 7.8 | EG 7.8 | 2024-12-12
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2024-53033 | HIGH | CVSS 7.8 | EG 7.8 | 2025-03-03
Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.
- CVE-2024-53034 | HIGH | CVSS 7.8 | EG 7.8 | 2025-03-03
Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.
- CVE-2025-1255 | CRITICAL | CVSS 9.1 | EG 9.1 | 2025-09-23
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation. This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9.
- CVE-2025-20018 | HIGH | CVSS 8.4 | EG 8.4 | 2025-05-13
Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-20090 | MEDIUM | CVSS 5.5 | EG 5.5 | 2025-08-12
Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2025-21354 | HIGH | CVSS 8.4 | EG 7.8 | 2025-01-14
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2025-21358 | HIGH | CVSS 7.8 | EG 7.8 | 2025-02-11
Windows Core Messaging Elevation of Privileges Vulnerability
- CVE-2025-21363 | HIGH | CVSS 7.8 | EG 7.8 | 2025-01-14
Microsoft Word Remote Code Execution Vulnerability
- CVE-2025-21381 | HIGH | CVSS 7.8 | EG 7.8 | 2025-02-11
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2025-21486 | HIGH | CVSS 7.8 | EG 7.8 | 2025-06-03
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
- CVE-2025-22464 | MEDIUM | CVSS 6.1 | EG 6.1 | 2025-04-08
An untrusted pointer dereference vulnerability in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an attacker with local access to write arbitrary data into memory causing a denial-of-service condition.
- CVE-2025-24083 | HIGH | CVSS 7.8 | EG 7.8 | 2025-03-11
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-24084 | HIGH | CVSS 8.4 | EG 8.4 | 2025-03-11
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
- CVE-2025-24990 | HIGH | CVSS 7.8 | EG 9.0 | ⚠ KEV | 2025-10-14
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed …
- CVE-2025-27048 | HIGH | CVSS 7.8 | EG 7.8 | 2025-10-09
Memory corruption while processing camera platform driver IOCTL calls.
- CVE-2025-27060 | HIGH | CVSS 8.8 | EG 8.8 | 2025-10-09
Memory corruption while performing SCM call with malformed inputs.
- CVE-2025-27069 | HIGH | CVSS 7.8 | EG 7.8 | 2025-08-06
Memory corruption while processing DDI command calls.
- CVE-2025-27710 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-11-11
Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0 within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low compl…
- CVE-2025-27739 | HIGH | CVSS 7.8 | EG 7.8 | 2025-04-08
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2025-27747 | HIGH | CVSS 7.8 | EG 7.8 | 2025-04-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-29812 | HIGH | CVSS 7.8 | EG 7.8 | 2025-04-08
Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
- CVE-2025-30381 | HIGH | CVSS 7.8 | EG 7.8 | 2025-05-13
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-32446 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-11-11
Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a l…
- CVE-2025-47325 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-12-18
Information disclosure while processing system calls with invalid parameters.
- CVE-2025-47338 | HIGH | CVSS 7.8 | EG 7.8 | 2025-10-09
Memory corruption while processing escape commands from userspace.
- CVE-2025-47343 | HIGH | CVSS 7.8 | EG 7.8 | 2026-01-07
Memory corruption while processing a video session to set video parameters.
- CVE-2025-47380 | HIGH | CVSS 7.8 | EG 7.8 | 2026-01-07
Memory corruption while preprocessing IOCTLs in sensors.
- CVE-2025-47387 | HIGH | CVSS 7.8 | EG 7.8 | 2025-12-18
Memory Corruption when processing IOCTLs for JPEG data without verification.
- CVE-2025-47405 | HIGH | CVSS 7.8 | EG 7.8 | 2026-05-04
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
- CVE-2025-47408 | HIGH | CVSS 7.8 | EG 7.8 | 2026-05-04
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
- CVE-2025-47982 | HIGH | CVSS 7.8 | EG 7.8 | 2025-07-08
Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-47985 | HIGH | CVSS 7.8 | EG 7.8 | 2025-07-08
Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
- CVE-2025-49661 | HIGH | CVSS 7.8 | EG 7.8 | 2025-07-08
Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-49689 | HIGH | CVSS 7.8 | EG 7.8 | 2025-07-08
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
- CVE-2025-4993 | CRITICAL | CVSS 9.1 | EG 9.1 | 2025-09-23
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation. This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.10, from 6.1.0 before 6.1.2.27, …
- CVE-2025-50165 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-08-12
Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
- CVE-2025-52516 | MEDIUM | CVSS 6.2 | EG 6.2 | 2026-01-05
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service.
- CVE-2025-53801 | HIGH | CVSS 7.8 | EG 7.8 | 2025-09-09
Untrusted pointer dereference in Windows DWM allows an authorized attacker to elevate privileges locally.
- CVE-2025-54114 | HIGH | CVSS 7.0 | EG 7.0 | 2025-09-09
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.